OffSequenceMar 20
🚨 CVE-2026-22732 (CRITICAL, CVSS 9.1): Spring Security 5.7.0 – 7.0.3 vulnerability lets HTTP headers go unwritten, risking CSP/HSTS bypass. No auth needed, remote exploit possible. Upgrade urgently & enforce headers via WAF/CDN! https://radar.offseq.com/threat/cve-2026-22732-vulnerability-in-spring-spring-secu-2c8fbdd8 #OffSeq #SpringSecurity #CVE202622732